Free HCVA0-003 Exam Dumps

Question 76

- (Topic 3)
You need to decrypt customer data to provide it to an application. When you run the decryption command, you get the output below. Why does the response not directly reveal the cleartext data?
$ vault write transit/decrypt/phone_number ciphertext="vault:v1:tgx2vsxtlQRfyLSKvem..." Key Value
--- -----
plaintext aGFzaGljb3JwIGNlcnRpZmllZDogdmF1bHQgYXNzb2NpYXRl

A. The user does not have permission to view the cleartext data
B. The output is base64 encoded
C. The output is actually a response wrapped token that needs to be unwrapped
D. The original data must have been encrypted

Correct Answer:B

Question 77

- (Topic 5)
How many Shamir's key shares are required to unseal a Vault instance?

A. All key shares
B. A quorum of key shares
C. One or more keys
D. The threshold number of key shares

Correct Answer:D

Question 78

- (Topic 2)
True or False? To prepare for day-to-day operations, the root token should be safely saved outside of Vault in order to administer Vault.

A. True
B. False

Correct Answer:B

Question 79

- (Topic 2)
Which of the following statements are true about HCP Vault Dedicated? (Select three)

A. Provides 100

Correct Answer:BCD

Question 80

- (Topic 2)
An application has authenticated to Vault and has obtained dynamic database credentials with a lease of 4 hours. Four hours later, the credentials expire, and the application can no longer communicate with the backend database, so the application goes down. What should the developers instruct the application to do to prevent this from happening again while maintaining the same level of security?

A. Go back to using static credentials
B. Renew the lease before expiration
C. Revoke the lease before expiration
D. Use a different auth method

Correct Answer:B